lispdoc - results for session

(hunchentoot:session object)
Type: SESSION objects are automatically maintained by Hunchentoot. They should not be created explicitly with MAKE-INSTANCE but implicitly with START-SESSION and they should be treated as opaque objects. You can ignore Hunchentoot's SESSION objects altogether and implement your own sessions if you provide corresponding methods for SESSION-COOKIE-VALUE and SESSION-VERIFY.
  
hunchentoot:*session*
Variable: The current session while in the context of a request, or NIL.
  
(hunchentoot:session-gc)
Function: Removes sessions from the current session database which are too old - see SESSION-TOO-OLD-P.
  
(hunchentoot:session-db acceptor)
Function: Returns the current session database which is an alist where each car is a session's ID and the cdr is the corresponding SESSION object itself. The default is to use a global list for all acceptors.
  
(hunchentoot:session-value symbol &optional (session *session*))
Setf: Sets the value associated with SYMBOL from the session object SESSION. If there is already a value associated with SYMBOL it will be replaced. Will automatically start a session if none was supplied and there's no session for the current request.
Function: Returns the value associated with SYMBOL from the session object SESSION (the default is the current session) if it exists.
  
(hunchentoot:start-session)
Function: Returns the current SESSION object. If there is no current session, creates one and updates the corresponding data structures. In this case the function will also send a session cookie to the browser.
  
(hunchentoot:reset-sessions &optional (acceptor *acceptor*))
Function: Removes ALL stored sessions of ACCEPTOR.
  
(hunchentoot:remove-session session)
Function: Completely removes the SESSION object SESSION from Hunchentoot's internal session database.
  
(hunchentoot:session-verify request)
Function: Tries to get a session identifier from the cookies (or alternatively from the GET parameters) sent by the client (see SESSION-COOKIE-NAME and SESSION-COOKIE-VALUE). This identifier is then checked for validity against the REQUEST object REQUEST. On success the corresponding session object (if not too old) is returned (and updated). Otherwise NIL is returned. A default method is provided and you only need to write your own one if you want to maintain your own sessions.
  
(hunchentoot:session-created acceptor new-session)
Function: This function is called whenever a new session has been created. There's a default method which might trigger a session GC based on the value of *SESSION-GC-FREQUENCY*. The return value is ignored.
  
hunchentoot:*session-secret*
Variable: A random ASCII string that's used to encode the public session data. This variable is initially unbound and will be set (using RESET-SESSION-SECRET) the first time a session is created, if necessary. You can prevent this from happening if you set the value yourself before starting acceptors.
  
(hunchentoot:session-db-lock acceptor &key whole-db-p (whole-db-p t))
Function: A function which returns a lock that will be used to prevent concurrent access to sessions. The first argument will be the acceptor that handles the current request, the second argument is true if the whole (current) session database is modified. If it is NIL, only one existing session in the database is modified. This function can return NIL which means that sessions or session databases will be modified without a lock held (for example for single-threaded environments). The default is to always return a global lock (ignoring the ACCEPTOR argument) for Lisps that support threads and NIL otherwise.
  
(hunchentoot:next-session-id acceptor)
Function: Returns the next sequential session ID, an integer, which should be unique per session. The default method uses a simple global counter and isn't guarded by a lock. For a high-performance production environment you might consider using a more robust implementation.
  
(hunchentoot:session-max-time object)
Undocumented
  
(hunchentoot:session-user-agent object)
Undocumented
  
hunchentoot:*session-max-time*
Variable: The default time (in seconds) after which a session times out.
  
(hunchentoot:session-remote-addr object)
Undocumented
  
(hunchentoot:session-cookie-name acceptor)
Function: Returns the name (a string) of the cookie (or the GET parameter) which is used to store a session on the client side. The default is to use the string "hunchentoot-session", but you can specialize this function if you want another name.
  
(hunchentoot:delete-session-value symbol &optional (session *session*))
Function: Removes the value associated with SYMBOL from SESSION if there is one.
  
(hunchentoot:session-cookie-value session)
Function: Returns a string which can be used to safely restore the session SESSION if as session has already been established. This is used as the value stored in the session cookie or in the corresponding GET parameter and verified by SESSION-VERIFY. A default method is provided and there's no reason to change it unless you want to use your own session objects.
  
(hunchentoot:reset-session-secret)
Function: Sets *SESSION-SECRET* to a new random value. All old sessions will cease to be valid.
  
hunchentoot:*session-gc-frequency*
Variable: A session GC (see function SESSION-GC) will happen every *SESSION-GC-FREQUENCY* requests (counting only requests which create a new session) if this variable is not NIL. See SESSION-CREATED.
  
hunchentoot:*session-removal-hook*
Variable: A function of one argument (a session object) which is called whenever a session is garbage-collected.
  
(hunchentoot:session-too-old-p session)
Function: Returns true if the SESSION object SESSION has not been active in the last (SESSION-MAX-TIME SESSION) seconds.
  
hunchentoot:*rewrite-for-session-urls*
Variable: Whether HTML pages should possibly be rewritten for cookie-less session-management.
  
hunchentoot:*use-user-agent-for-sessions*
Variable: Whether the 'User-Agent' header should be encoded into the session string. If this value is true, a session will cease to be accessible if the client sends a different 'User-Agent' header.
  
hunchentoot:*use-remote-addr-for-sessions*
Variable: Whether the client's remote IP (as returned by REAL-REMOTE-ADDR) should be encoded into the session string. If this value is true, a session will cease to be accessible if the client's remote IP changes. This might for example be an issue if the client uses a proxy server which doesn't send correct 'X_FORWARDED_FOR' headers.